I have a working, but still mostly unused, Keycloak server that currently provides OIDC logins for a MediaWiki instance and my Nextcloud server. Logins work fine. Both Nextcloud and MediaWiki log into the same realm (with different clients) and share a common login session.
But I want an idle timeout of 14 days, with a maximum session length of 30 days, and that’s not happening. My sessions don’t even last one day. I need some advice, please.
Keycloak 12.0.4 running on Ubuntu 20.04.3
Revoke Refresh Token: Off
SSO Session Idle: 14 Days
SSO Session Max: 30 days
SSO Session Idle Remember Me: 0 Minutes
SSO Session Max Remember Me: 0 Minutes
Offline Session Idle: 14 Days
Offline Session Max Limited: 0 Minutes
Client Session Max: 0 Minutes
Access Token Lifespan: 14 Days
Access Token Lifespan for Implicit Flow: 14 Days
Client login timeout: 1 Minute
Login timeout: 30 Minutes
Login action timeout: 5 Minutes
User-initiated Action Lifespan: 5 Minutes
Default Admin-Initiated Action Lifespan: 15 Minutes
Override User-Initiated Action Lifespan: not set
I recently changed the access token lifespan from a much lower value.
Thank you in advance